8 Takeaways: The Cryptographer's Panel at RSA 2020Experts Debate Blockchain, Differential Privacy, Crypto Backdoors and More
One of the highlights of the annual RSA Conference in San Francisco is the opening keynote session that gathers together a world-class panel of cryptography experts to discuss and debate today's top cybersecurity issues.
At this year's Cryptographer's Panel, held on Feb. 24, a number of issues loomed large, including facial recognition, U.S. election integrity, artificial intelligence, resurgent crypto wars, the human element - this year's official conference theme - as well as the impact of the new coronavirus outbreak, punctuated by multiple shout-outs to bitcoin and blockchain for how much good publicity they've brought to the field (see: 10 Hot Cybersecurity Topics at RSA Conference 2020).
This year's panelists included the first two letters of the RSA cryptosystem - MIT professor Ronald Rivest and Weizmann Institute professor Adi Shamir; Whitfield Diffie, who helped create the pioneering Diffie-Hellman key exchange protocol; Tal Rabin, an expert in cryptography and network security - including digital signatures and secure online communications; and Arvind Narayanan, a Princeton University professor known for his data de-anonymization work. Moderating was Zulfikar Ramzan, CTO of RSA.
Here's a deeper dive into top issues that the panel tackled.
1. Facial Recognition and Surveillance Capitalism
Security tools can be used for us but potentially also against us. "Facial recognition is one of the places where the rubber meets the road, where we start seeing applications of AI in our everyday lives," Rivest said.
Rivest gave a shout-out to a recent New York Times op-ed authored by security expert Bruce Schneier, who warned that modern mass surveillance is rapidly expanding and refining "the technologies of identification, correlation and discrimination," including - but not limited to - facial recognition.
In China, for example, such capabilities are being used to monitor citizens, while in the U.S., to better serve advertising, Rivest noted.
Regardless, individuals have scant if any protection against such technologies, or the fact of being watched without their knowledge, he said. The EU had been considering a temporary ban on facial recognition in public places, but last month dropped its proposal.
Even so, all is not wine and roses in the surveillance sphere. "I want to mention that in China they have had a major failure of facial recognition because everyone is walking around with face masks," Shamir said. Arguably at a time when the state might want to monitor the identity and movements of any citizens believed to be suffering from COVID-19, in other words, the surveillance apparatus failed.
2. Blockchain: What's It Good For?
Will blockchains reshape the world as we know it? Shamir has been among the dissenters. Appearing on multiple RSA conference panels and sessions in recent years, he's continued to note that in the vast majority of cases, the blockchain isn't the best tool for any job.
"In cryptography, I have major reservations" about blockchain, he said in response to a question posed by Ramzan during this year's panel. "In most cases, it is over-hyped and there are much simpler ways ... to achieve the same goal. There are a few cases that I am aware of where it does make sense and does give considerable benefit. But most use cases that are proposed are nonsense."
When it comes to securing elections, for example, Rivest said blockchains provided no benefits. "Blockchain is the wrong security technology for voting," he said. "I like to think of it as bringing a combination lock to a kitchen fire - you know, it's good for certain things, but not for fighting a fire."
3. Voting: Cybersecurity Won't Save Us
The U.S. government accused Russia of attempting to interfere in the 2016 U.S. presidential election, and warned that multiple countries were attempting interference in 2018. Panelists highlighted that from a security standpoint, both securing the integrity of citizens' votes, as well as their belief in vote integrity, remains important.
But the group of world-class cryptography experts said that technology will not save us. "Voting is the place where you don't need high-tech to make it work; you can get by just fine by using paper ballots," Rivest said. "We call this 'software independence,' where you don't need to trust some software."
Rivest said that for the 2020 elections, about 80 percent of voters will be voting on paper ballots, including all of the 2016 U.S. presidential election swing states, which he said is a massive improvement on recent years.
"One of the things we have learned is the importance of paper ballots - we see that putting a foundation of trust on electronic components that are hackable is just not the way to go, and having a paper ballot for every voter - a voter-verified ballot - is the way to go," he said.
Paper ballots also provide a foundation for validating results. Mathematician Philip Stark at the University of California at Berkeley, for example, has developed a risk-limiting audit that can be used to manually check small samples of paper ballots to ensure they match up with final tallies, Rivest said.
Aside from counting votes correctly, Rivest also urged attendees to make their voices heard. "I hope most importantly that everybody goes and votes," he said.
4. Cryptography and Rational Actors
One recent news story has been the release of additional details concerning the story of Crypto AG, a Swiss cryptographic equipment manufacturer that was secretly owned by U.S. and German intelligence, allowing them to eavesdrop on numerous countries' communications for years.
The broad outlines of the story have been well-known for some time. But Diffie said it was a reminder of how cryptography can serve geopolitical stability. "I am very enthusiastic about intelligence. It gets stated in Cold War terms that we could have imagined nothing worse than two major nuclear powers that know nothing about each other," he said.
"In general, I think intelligence is a very valuable contributor to stability in the world," he added. "Intelligence is not about playing fair, it's about succeeding," and in the case of Crypto AG, instead of having to try and hack other countries' system, Western intelligence instead served up equipment that they could already monitor.
While the Crypto AG example is historical, Diffie said similar questions continue to persist about other types of technology. "We're accusing Kaspersky in Russia or Huawei in China of building compromises into their equipment, and for that reason people are hesitant to buy it," he said, adding that maybe they should be.
In general, cryptographers have preached for a long time that all cryptographic systems should be public, so experts can study them for signs of weakness, which would have revealed the Crypto AG machinations. In addition, he says prevailing advice is to never design your own cryptosystem. But if dozens of countries had done that instead of buying Crypto AG products, it would have made it much more difficult for western intelligence agencies to monitor their activities, he said.
Shamir, for his part, said key details about the Crypto AG story have yet to be revealed. "I read the [new] story to see if there was any hint about how the CIA manipulated the crypto to make it breakable," he said. "Unfortunately there was no [such] information."
5. Crypto Wars Continue
Once again, strong crypto remains in the political spotlight, as the U.S. government has fielded a repeat proposal mandating that digital products and services always include "lawful access" backdoors, which is double-speak for not allowing strong encryption, or else attempting to create systems that are so complex that they cannot be reliably secured.
Cryptography experts are clear: Either systems are designed with strong cryptography and are secure, or they are designed with weak cryptography that can allow access by police, but also any hackers or nation-states skilled enough to exploit those weaknesses. There is no in between.
"When we pseudo won the argument around 2000, I said this isn't going to go away, everyone is basically fighting for what relative positions are going to be in the information world," Diffie said.
"People who put themselves forward as being concerned with 'law enforcement' and 'national security' have a very narrow few. And yeah, cryptography will often make their world harder," he said. "But ... we need to do everything we can to make our systems secure, and if you build some kind of backdoor mechanism into them it makes them just immensely more complex." Unless a system is simple, the industry does not know how to ensure that it remains secure, he said.
6. Change Remains Constant
What have been some of the biggest trends of the past 20 years, and what do the next 20 years hold? That question was posed by moderator Zulfikar Ramzan.
Rivest said the changes have been immense, noting that 20 years is often the time it takes to get a product from white board to widely adopted.
"Quantum computing is coming online, maybe. We have new math. Smartphones have really changed the game. We have new adversaries in the upcoming elections - it may not be the Russians, it may be the coronavirus. We'll see."
Diffie, meanwhile, said that "what amazes me is that cryptography goes on and on. ... I thought, circa-2000, that we'd solved the problem." In recent years, "the thing that impressed me most is the rise of bitcoin and blockchain," he added, noting that he was "just amazed with the durability" they've had, as well as the fact that thousands of people now attend new conferences devoted to these topics.
7. Blockchain: Old is New
Absolutely, Rabin said. "What amazes me about that thing ... is that it went back and it took things that we have known since the '80s - byzantine agreements, hash functions, proof of work - and combined all of these things. That's another thing that I love about this field, that it can ... go into the past, and make them into magnificent and wonderful things in the future."
Now, that's true for blockchain, she said. "Maybe ... we're still lacking the killer app, maybe everything can be done better using some other technology, but even if it was, just for the introduction, for the fact that almost every person in the world knows the word 'crypto,' which it did not know 10 year ago - "
"But it changed the meaning a little," Diffie said.
"Completely," Rabin replied. "But this is the power of this field, and it really brings beauty to all the things."
8. Differential Privacy Battles Conspiracy Theories
Princeton's Narayanan, meanwhile, said he wanted "to give a shout-out to differential privacy, which ... is a technology to release a data set while protecting individual privacy and still allowing aggregate analyses to be possible." About 15 years after being invented, the previously obscure concept is getting its first major test, in that it's being used to protect 2020 U.S. census results.
At the same time, Narayanan said the census is being dogged by misinformation and conspiracy theories. "The craziest one I've heard is that differential privacy is actually a conspiracy by the Trump administration, because they've secretly figured out a way to break it, and they're selling us a false promise of confidence in our census responses."
Not true, he said, and while there is a mathematical proof to prove the integrity of the data-gathering process, he said more neutral people are needed to help publicly lobby for the trustworthiness of such systems.
"So I guess it all comes down to the human element," said RSA's Ramzan.
Photographs: Mathew Schwartz